facoptere

BattlEye Server Filters for DayZ Mod 1.8.4


We just encountered a massive hack, the same as yesterday; all players died in a local explosion...

A player was kicked at the same time for spawning a local vehicle, but not for the massive explosion...

None of the filters was able to detect this hack..

19.09.2013 08:55:52: ya ne nagibator (195.131.110.111:2384) b9910e1c5b2e8f7640de43c74b19f039 - #0 "#line 1 "uninstal.sqf"(vehicle player) addAction ["<t color = '#20f543'>~Spawn Vehicle~", "@TheWarZ\Spawn Vehicle.sqf"];(vehic"

19.09.2013 08:55:52: ya ne nagibator (195.131.110.111:2384) b9910e1c5b2e8f7640de43c74b19f039 - #74 "player) addAction ["<t color = '#20f543'>~Spawn Vehicle~", "@TheWarZ\Spawn Vehicle.sqf"];(vehicle player) addAction ["<t color "

I'm tired...

Players are kicked for @TheWarZ pattern (line 79)

I wrote a fix for localvehicle explosion hack, but it seems it has not been correctly ported to vanilla Dayz Mod v1.8. I hope I will be able to fix it for version 1.8.1.


Hi Faco,

 

Is it possible to have less verbosity in createvehicle.log? Because we still have a lot of character creation lines:

 

19.09.2013 08:43:23: LoLkiN  - #19 "Survivor1_DZ" 37:12 [-18638,25814,376]

19.09.2013 08:43:25: LoLkiN  - #19 "Survivor1_DZ" 37:14 [-18639,25825,375]

19.09.2013 08:43:43: Mulien  - #20 "Survivor2_DZ" 15:795 [-18697,25815,379]

19.09.2013 08:44:24: Wipetron  - #19 "Survivor1_DZ" 16:504 [-18614,25880,366]

19.09.2013 08:44:40: Farvel  - #15 "Bandit1_DZ" 39:5 [-18697,25815,379]

 

Thanks

It is useful to find out who did "alt-f4", since "37:12" is the character netId you will find in the network error in the RPT.

 Thanks, good to know ;)


Hey, sorry if this is a noobish question. But can I simply replace my existing BE filters with the files from the github? Or do I have to merge the two? 

The reason I'm confused is because the new scripts.txt on Git is tiny by comparison to my current one and it looks like most filters are set to 1 instead of 5 so I'm not sure that's very safe. :S


The current one is smaller for performance reasons.

Most of the rules are "1" because it's not totally safe; if you put '5' you will face some false positives for some code executed in rare conditions.

You can't use any 1.7.7.1 filter on a 1.8 server.

Ah, ok that makes sense I guess. Problem now is that some of the scripts I'm running need exceptions to filters that no longer exist but I still get kicked for them... Not sure how to go about sorting those. 

Could you post the lines from scripts.log that should be filtered?

Yes, this is what comes up in my scripts.log

Normally I'm pretty good at setting up exceptions, but I can't seem to make heads or tails of this one.

#90 "Manatee_Highway_7_Bridge = _this;_this = createMarker ["Wasteland", [4421.6313, 8189.4146, -5.3405762e-005]];_this setMarker"

Edit: I feel like a complete idiot. Just seconds after posting I noticed the '5 wasteland' filter on line 93. I've added this to it and it seems to have stopped the kicks.

!"_this = createMarker [\"Wasteland\", [4421.6313, 8189.4146, -5.3405762e-005]];"

Though the kicks didn't happen every time, so I'm still not 100% sure on that filter haha.

Edited by rosska85


Thanks. mpeventhandler needs some work.


There will be a whitelist for mpeh.

I don't think that "[this] spawn BIS_Effects_AirDestruction" is illegal.


For 1.8.0.1

It seems legit if you can add it.

SetVariable Kick: #0 "totaldmg" = 0.756827 2:23 ATV_US_EP1

thanks. it's updated.


Yw ;)

 

Another one :

 

PublicVar kick: #1 "PVDZ_objgather_Delete" = [<NULL-object>,<NULL-object>]

thanks, there were few regressions in pv/pvv.


If anyone is interested in an automatic update script, I will post my method here.

 

I own a Win2008 Server with full access, so this might not work with some providers, for example nitrado or survivalserver. Please ask your provider about the use of this script.

For the files I recommend using Notepad++.

Let's get started:

First we need a batch file and wget (click for download link) inside the battleye folder where all the BE filters are.

Name it as you like, e.g. update_scripts.bat

@echo off
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/addbackpackcargo.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/addmagazinecargo.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/addweaponcargo.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/attachto.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/createvehicle.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/deleteVehicle.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/mpeventhandler.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/publicvariable.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/publicvariableval.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/remotecontrol.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/remoteexec.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/scripts.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/selectplayer.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/setdamage.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/setpos.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/setvariable.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/setvariableval.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/teamswitch.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/waypointcondition.txt --no-check-certificate
wget.exe -N https://raw.github.com/DayZMod/Battleye-Filters/Release_1.8.0.1/waypointstatement.txt --no-check-certificate
exit

If you now start the batch file it will download all current filters to your folder and overwrite the files. The path on github normally changes with every new DayZ patch. Please pay attention to it.

 

 

Automatic Updates:

 

If you have BEC running on your machine, you can write a scheduled event.

Open your scheduler.xml and insert a new job: (my example updates the files every hour)

	<job id="998">
		<time>006000</time>
		<delay>000000</delay>
		<day>1,2,3,4,5,6,7</day>
		<loop>1</loop>
		<cmd>c:\path\to\battleye\update_scripts.bat</cmd>
		<cmdtype>1</cmdtype>
	</job>

Please pay attention to the drive letter if you have your battleye files on another drive.

To get the updated files working with BE you need to type the following commands in your rcon client:

 

loadscripts

loadevents

 

Or do it with another scheduled job in BEC: (updates every 5 minutes because of the banlist updates)

	<job id="999">
		<time>000500</time>
		<delay>000000</delay>
		<day>1,2,3,4,5,6,7</day>
		<loop>1</loop>
		<cmd>writebans loadbans loadscripts loadevents</cmd>
		<cmdtype>0</cmdtype>
	</job>

I also update my banlist with this job, as you can see.

I hope you enjoy my way to make admins' lives easier.

I apologize for any typos because English is not my native language.

 

Regards

Polli

 

 

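Added example (not part of Polli's post or of the DayZMod project): the batch file above passes `--no-check-certificate`, so wget accepts any certificate, and the scheduled jobs then load whatever was downloaded. This Python version keeps certificate verification on and holds a suspicious file for review instead of installing it; the rule syntax check (action number 1 to 7, `//` comments) and the 50% rule-count threshold are assumptions.

```python
import os
import re
import shutil
import tempfile
import urllib.request

# Assumed syntax: "//" starts a comment; every other non-blank line is a
# rule that begins with an action number from 1 to 7.
RULE_LINE = re.compile(r"^[1-7]\s+\S")

def fetch(url):
    """Download one filter file; urllib verifies the certificate by default."""
    with urllib.request.urlopen(url, timeout=30) as resp:
        return resp.read().decode("utf-8")  # non-UTF-8 content raises

def rules(text):
    """Rule lines only: no blank lines, no // comments."""
    lines = (ln.strip() for ln in text.splitlines())
    return [ln for ln in lines if ln and not ln.startswith("//")]

def check_filter(new_text, old_text, max_drop=0.5):
    """Return the reasons to hold new_text for review (empty list = install)."""
    new, old = rules(new_text), rules(old_text)
    problems = []
    if not new:
        problems.append("no rules: empty file or an error page")
    bad = [ln for ln in new if not RULE_LINE.match(ln)]
    if bad:
        problems.append(f"{len(bad)} line(s) are not rules, first: {bad[0][:40]!r}")
    if old and len(new) < len(old) * (1 - max_drop):  # assumed threshold
        problems.append(f"rule count fell from {len(old)} to {len(new)}")
    return problems

def update(path, new_text):
    """Install new_text over path unless check_filter finds a problem."""
    exists, old_text = os.path.exists(path), ""
    if exists:
        with open(path, encoding="utf-8", errors="replace", newline="") as fh:
            old_text = fh.read()
    problems = check_filter(new_text, old_text)
    if not problems:
        if exists:
            shutil.copy2(path, path + ".bak")  # keep a rollback copy
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
        with os.fdopen(fd, "w", encoding="utf-8", newline="") as fh:
            fh.write(new_text)
        os.replace(tmp, path)  # swap the file in one step
    return problems
```

Call `update(path, fetch(url))` for each filter file, and issue `loadscripts` and `loadevents` only when every call returned an empty list.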

Bump.

 

1.8.0.3.

 

Getting kicked for PublicVariable Restriction #1 with latest filters. Happens within a couple of seconds of logging/spawning in.

 

14.10.2013 11:05:10: Dangbackwards (x.x.x.x)  - #1 "PVDZ_getTickTime" = <NULL-object>

Edited by Gand


You're gonna need 

 

 !="PVDZ_getTickTime"

 

On line 2 of your publicvariable.txt 

 

Looks like the official filters haven't been updated yet 

 

That's it :)

14.10.2013 13:22:16: [GSF]DxSyro (93.223.45.144:2304) x.x.x.x - #0 "PVCDZ_obj_GutBody" = [<NULL-object>,4]

 

Edited by L3uX

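Added example (not from the thread or from BattlEye): a parser for kick lines in the log format quoted above, grouped by restriction number and variable name so that a rule hit by many different players stands out from a rule hit by one. The sample lines, player names, addresses, GUIDs and the three-player threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# "<date> <time>: <player> [(ip:port) guid] - #<rule> <logged text>"
KICK = re.compile(r"^(\d\d\.\d\d\.\d{4} \d\d:\d\d:\d\d): (.*?) - #(\d+) (.*)$")

# Constructed sample lines (names, addresses and GUIDs are made up).
SAMPLE_LOG = """\
14.10.2013 11:05:10: PlayerA (192.0.2.10:2304) 00000000000000000000000000000001 - #1 "PVDZ_getTickTime" = <NULL-object>
14.10.2013 11:06:41: [TAG]Player B (192.0.2.11:2304) 00000000000000000000000000000002 - #1 "PVDZ_getTickTime" = <NULL-object>
14.10.2013 11:07:02: PlayerC (192.0.2.12:2304) 00000000000000000000000000000003 - #1 "PVDZ_getTickTime" = <NULL-object>
14.10.2013 11:09:30: PlayerA (192.0.2.10:2304) 00000000000000000000000000000001 - #1 "PVDZ_getTickTime" = <NULL-object>
14.10.2013 11:12:15: PlayerD (192.0.2.13:2304) 00000000000000000000000000000004 - #0 "constructed_var" = [1,2]
"""

def parse(line):
    """Split one kick line into time, player, rule number and variable name."""
    m = KICK.match(line.strip())
    if not m:
        return None
    when, who, rule, text = m.groups()
    player = who.split(" (")[0].strip()    # drop "(ip:port) guid" if present
    quoted = re.match(r'"([^"]*)"', text)  # first quoted token = variable name
    name = quoted.group(1) if quoted else text[:40]
    return {"time": when, "player": player, "rule": int(rule), "name": name}

def triage(lines, min_players=3):
    """Group hits by (rule, name); many distinct players point at the filter."""
    groups = defaultdict(lambda: {"hits": 0, "players": set()})
    for line in lines:
        hit = parse(line)
        if hit:
            group = groups[(hit["rule"], hit["name"])]
            group["hits"] += 1
            group["players"].add(hit["player"])
    report = []
    for (rule, name), group in groups.items():
        players = len(group["players"])
        # Assumed heuristic: the same rule kicking several different players
        # is more likely a filter regression than several cheaters.
        verdict = "check filter" if players >= min_players else "check player"
        report.append((rule, name, group["hits"], players, verdict))
    return sorted(report, key=lambda row: (-row[3], -row[2], row[0]))

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG.splitlines()):
        print(row)
```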

I am looking for help too. I have never done this before and the different ideas coming from different people are creating chaos. Please do help.

___________

639830-005

Edited by MarcPierre
